A software development team must send sensitive files to an external partner. The partner’s environment requires a solution that uses different keys for protecting content and verifying it is unchanged. Which method satisfies these requirements while also confirming that each file is genuine?
Create a shared secret and use it for both protection and confirmation
Try a one-time pad and add a hash field for each file
Store the data without concealment and rely on checksums to detect changes
Use public-key encryption together with digital signatures
Public-key encryption allows one key to encrypt the data and another key to decrypt it, ensuring confidentiality. A digital signature uses the private key to sign files. Recipients use the corresponding public key to verify signatures, confirming the sender’s identity and preventing tampering. A shared secret does not offer distinct encryption and verification capabilities. Checksums confirm data integrity but do not provide identity verification. A one-time pad plus a hash approach retains confidentiality but fails to confirm a trustworthy sender.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is the difference between public-key encryption and symmetric encryption?
Open an interactive chat with Bash
How does a digital signature confirm the authenticity of a file?
Open an interactive chat with Bash
Why is a shared secret not sufficient for verifying authenticity?